Total
498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54143 | 1 Mozilla | 1 Firefox | 2026-06-17 | N/A | 9.8 CRITICAL |
| Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141. | |||||
| CVE-2025-52951 | 1 Juniper | 1 Junos | 2026-06-17 | N/A | 5.8 MEDIUM |
| A Protection Mechanism Failure vulnerability in kernel filter processing of Juniper Networks Junos OS allows an attacker sending IPv6 traffic destined to the device to effectively bypass any firewall filtering configured on the interface. Due to an issue with Junos OS kernel filter processing, the 'payload-protocol' match is not being supported, causing any term containing it to accept all packets without taking any other action. In essence, these firewall filter terms were being processed as an 'accept' for all traffic on the interface destined for the control plane, even when used in combination with other match criteria. This issue only affects firewall filters protecting the device's control plane. Transit firewall filtering is unaffected by this vulnerability. This issue affects Junos OS: * all versions before 21.2R3-S9, * from 21.4 before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S1, * from 24.4 before 24.4R1-S2, 24.4R2. This is a more complete fix for previously published CVE-2024-21607 (JSA75748). | |||||
| CVE-2025-52643 | 1 Hcltech | 1 Aion | 2026-06-17 | N/A | 4.7 MEDIUM |
| HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment. This may expose the application to potential security risks, including unintended behaviour or integrity impact when processing specially crafted files. | |||||
| CVE-2025-52615 | 1 Hcltech | 1 Unica | 2026-06-17 | N/A | 3.5 LOW |
| HCL Unica Platform is impacted by misconfigured security related HTTP headers. This can lead to less secure browser default treatment for the policies controlled by these headers. | |||||
| CVE-2025-52609 | 1 Hcltech | 1 Icontrol | 2026-06-17 | N/A | 3.7 LOW |
| HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting (XSS) attacks by enabling the built-in XSS filtering mechanisms of modern web browsers. | |||||
| CVE-2025-50897 | 1 Boom-core | 1 Boomv | 2026-06-17 | N/A | 4.3 MEDIUM |
| A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the presence of proper page table entries and valid memory access modes. The fault is reproducible when transitioning into virtual memory and attempting store operations in mapped kernel memory, indicating a potential flaw in the MMU, PMP, or memory access enforcement logic. This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2. | |||||
| CVE-2025-49740 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 8.8 HIGH |
| Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network. | |||||
| CVE-2025-49193 | 1 Sick | 6 Baggage Analytics, Field Analytics, Logistic Diagnostic Analytics and 3 more | 2026-06-17 | N/A | 4.2 MEDIUM |
| The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks). | |||||
| CVE-2025-48800 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | |||||
| CVE-2025-48653 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48652 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48649 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48635 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.7 HIGH |
| In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48626 | 1 Google | 1 Android | 2026-06-17 | N/A | 9.8 CRITICAL |
| In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48605 | 1 Google | 1 Android | 2026-06-17 | N/A | 8.4 HIGH |
| In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48602 | 1 Google | 1 Android | 2026-06-17 | N/A | 8.4 HIGH |
| In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48554 | 1 Google | 1 Android | 2026-06-17 | N/A | 6.1 MEDIUM |
| In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible persistent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2025-48546 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In checkPermissions of SafeActivityOptions.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48534 | 1 Google | 1 Android | 2026-06-17 | N/A | 8.8 HIGH |
| In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-48531 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||